Computer Networks 02: Application Layer (1)


Chapter 2: Application Layer

Outline

  1. principles of network applications
  2. Web and HTTP
  3. Electronic mail: SMTP, POP3, IMAP
  4. DNS
  5. P2P applications
  6. Video streaming and content distribution networks
  7. Socket programming with UDP and TCP

Creating a network app

write programs that:

  • run on (different) end systems

  • communicate over network

    ::: tip e.g., web server software communicates with browser software :::

no need to write software for network-core devices:

  • network-core devices do not run user applications
  • keeping applications on end systems allows for rapid app development and propagation

Architecturally, applications are either:

  • client-server
  • peer-to-peer (P2P)

Client-server architecture

server:

  • always-on host
  • permanent IP address
  • data centers for scaling

clients:

  • communicate with server
  • may be intermittently connected
  • may have dynamic IP addresses
  • do not communicate directly with each other


P2P architecture

  • no always-on server
  • arbitrary end systems directly communicate
  • peers request service from other peers, and provide service in return to other peers
  • self scalability – new peers bring new service capacity, as well as new service demands
  • peers are intermittently connected and change IP addresses
  • complex management


Processes communicating

  • client process: process that initiates communication
  • server process: process that waits to be contacted

::: tip Applications with P2P architectures have client processes & server processes :::

Sockets

A socket is an abstraction layer through which an application sends or receives data; it can be opened, read, written and closed much like a file. Sockets let an application plug its I/O into the network and communicate with other applications on the network. A network socket is identified by the combination of an IP address and a port.

Think of a residential compound as a computer. A computer runs many programs; how do we tell them apart? By port number, just as the compound uses house numbers to tell households apart. A phone is delivered to Xiaoming's home; how does it get in? Through the front door. How is the front door found? By the house number. That is exactly how data arriving from the Internet first reaches the receiving computer and is then handed to the right program according to the port. The entrance to Xiaoming's home is uniquely identified by compound address + house number, and in the same way a program is uniquely identified by IP address + port number. That entrance to the program is what we call a socket.

socket analogous to door:

  • sending process shoves message out door
  • sending process relies on transport infrastructure on other side of door to deliver message to socket at receiving process

Addressing processes

To receive messages, a process must have an identifier.

The identifier includes both the IP address and the port number associated with the process on the host.

What transport service does an app need?

data integrity

  • some apps (e.g., file transfer, web transactions) require 100% reliable data transfer
  • other apps (e.g., audio) can tolerate some loss

timing

  • some apps (e.g., Internet telephony, interactive games) require low delay to be “effective”

throughput

  • some apps (e.g., multimedia) require a minimum amount of throughput to be “effective”
  • other apps (“elastic apps”) make use of whatever throughput they get

security

  • encryption, data integrity

Internet transport protocol services

TCP service:

  • reliable transport between sending and receiving process
  • flow control: sender won’t overwhelm receiver
  • congestion control: throttle sender when network overloaded
  • does not provide: timing, minimum throughput guarantee, security
  • connection-oriented: setup required between client and server processes

UDP service:

  • unreliable data transfer between sending and receiving process
  • does not provide: reliability, flow control, congestion control, timing, throughput guarantee, security, or connection setup

TCP/IP is a protocol suite. It contains many protocols, of which UDP is only one; the suite is called TCP/IP because TCP and IP are two of its most important protocols, so it was named after them.

The TCP/IP protocol suite comprises the application layer, transport layer, network layer and network access layer.

TCP (Transmission Control Protocol)

TCP is a connection-oriented protocol: before any data is sent or received, a reliable connection must be established with the peer. A TCP connection is set up only after three “conversations” (the three-way handshake).

UDP (User Datagram Protocol)

  1. UDP is a connectionless protocol: source and destination establish no connection before transmitting data. When it wants to send, it simply grabs the data from the application and throws it onto the network as fast as it can. On the sending side, the rate at which UDP transmits is limited only by the rate at which the application generates data, the capability of the computer and the transmission bandwidth; on the receiving side, UDP places each message segment in a queue, and the application reads one message segment from the queue at a time.

  2. Because no connection is established for the transfer, no connection state (including send/receive state) has to be maintained, so one server can transmit the same message to many clients at the same time.

  3. The UDP packet header is very short, only 8 bytes, so its overhead is small compared with TCP's 20-byte header.

  4. Throughput is not regulated by a congestion control algorithm; it is limited only by the rate at which the application generates data, the transmission bandwidth, and the performance of the source and destination hosts.

  5. UDP uses best-effort delivery, i.e., it does not guarantee reliable delivery, so hosts need not maintain a complex connection state table (which holds many parameters).

  6. UDP is message-oriented. The sender's UDP adds a header to the message handed down by the application and passes it down to the IP layer, neither splitting nor merging it; message boundaries are preserved, so the application must choose an appropriate message size.
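As an added example (not part of the original notes), the following Python script runs a UDP and a TCP receiver on the loopback address with constructed sample messages. It shows the (IP address, port) addressing described under Sockets (port 0 asks the OS for a free port) and the contrast between UDP's preserved message boundaries and TCP's byte stream, in which consecutive sends may be merged. The sample "passwd" message is constructed; both transports carry it exactly as given, which is the cleartext problem SSL addresses.

```python
import socket
import threading

HOST = "127.0.0.1"
# Constructed sample messages; nothing below encrypts them.
MESSAGES = [b"user=alice", b"passwd=hunter2", b"login"]

def udp_round_trip(messages):
    """Send each message as its own datagram; return the datagrams received."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind((HOST, 0))              # port 0: the OS picks a free port
    addr = server.getsockname()         # (IP, port) now identifies this receiver
    server.settimeout(2)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for m in messages:
        client.sendto(m, addr)          # no connection setup, one datagram per call
    received = [server.recvfrom(65535)[0] for _ in messages]
    client.close()
    server.close()
    return received                     # each datagram arrives as one message

def tcp_round_trip(messages):
    """Send the same messages over one TCP connection; return every byte read."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))
    listener.listen(1)
    addr = listener.getsockname()
    chunks = []

    def serve():
        conn, _ = listener.accept()     # connection-oriented: handshake first
        while True:
            data = conn.recv(65535)     # reads whatever is buffered, not "a message"
            if not data:
                break
            chunks.append(data)
        conn.close()

    t = threading.Thread(target=serve)
    t.start()
    client = socket.create_connection(addr)
    for m in messages:
        client.sendall(m)               # boundaries between sends are not preserved
    client.close()
    t.join()
    listener.close()
    return b"".join(chunks)             # the stream is just the concatenated bytes

if __name__ == "__main__":
    print("UDP datagrams:", udp_round_trip(MESSAGES))
    print("TCP stream   :", tcp_round_trip(MESSAGES))
```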

Securing TCP and SSL

Problems with TCP & UDP:

  • no encryption
  • cleartext passwds sent into socket traverse Internet in cleartext

SSL:

  • provides encrypted TCP connection
  • data integrity
  • end-point authentication

Also note:

  • SSL is at app layer: apps use SSL libraries that “talk” to TCP
  • SSL socket API: cleartext passwords sent into socket traverse Internet encrypted